Closed florianbepunkt closed 1 year ago
Sadly I have no idea what ambiguous role mapping means and I could not find anything helpful in the docs.
Ambiguous Role Resolution is setting in Identity Pool.
If no rules match, the role resolution will be invoked. By default, it will fall back to the default role specified for this Identity Pool. You can also choose to DENY the request.
Error NotAuthorizedException: The ambiguous role mapping rules
is referring that any of the given rules don't match.
Request should be denied, but this error is thrown.
This is not amplify-js
specific issue, since I'm having same error while using CDK. I think this is bug 🐛 in Identity Pool service itself
@florianbepunkt I know this is an old issue, are you still having trouble with this?
@tannerabread I just ran into this issue today trying to set up Okta OIDC authentication via Cognito. I'm getting the same error but not sure how to fix it.
@darrenybarra Before I dive too deep into this, check out this comment on a similar issue and this comment along with the thread below it. That seemed to fix a lot of people's issues in the past and then some people didn't properly configure amplify within their app
@darrenybarra Was that helpful in solving your issue or should I investigate further?
Hi 👋 Closing this as we have not heard back from you. If you are still experiencing this issue and in need of assistance, please feel free to comment and provide us with any information previously requested by our team members so we can re-open this issue and be better able to assist you.
Thank you!
Before opening, please confirm:
JavaScript Framework
React
Amplify APIs
Authentication
Amplify Categories
auth
Environment information
Describe the bug
I use a Cognito user pool and an identity pool. A user is assigned a group with a IAM role. This group IAM role allows access for a Rest API.
I can sign in using the "@aws-amplify/auth" package. After signing in
await Auth.currentAuthenticatedUser();
returns the current user.However, after sign in, when calling
await Auth.currentAuthenticatedUser();
I get the following error:NotAuthorizedException: Unauthenticated access is not supported for this identity pool
This happens (see logs) because the credentials for the role cannot be loaded and, as a fallback, the user is treated as a guest. Sadly I have no idea what
ambiguous role mapping
means and I could not find anything helpful in the docs.Expected behavior
await Auth.currentAuthenticatedUser();
should return the authenticated userReproduction steps
@aws-amplify/auth
package to set up sign inawait Auth.currentAuthenticatedUser();
in separate function, e. g. a function bound to a button clickCode Snippet
Log output
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response